关于sso单点登录以及通过路径直接访问Servlet

Posted 小春子60

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了关于sso单点登录以及通过路径直接访问Servlet相关的知识,希望对你有一定的参考价值。

1.单点登录代码

 

package cn.sunline.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;

import cn.sunline.Constants;
import cn.sunline.permission.repository.IUser;
import cn.sunline.systemconfig.repository.SystemConfigDAOFactory;

/**
* 用户session控制。
* @author sunline
*/
public class UserSessionFilter implements Filter {

public FilterConfig config;

public void destroy() {
this.config = null;
}

@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(
(HttpServletResponse) response);

// ClientService service= CommonService.getInstance().getClientService("SystemConfigService");
// Object[] param = new Object[]{"IS_UAP"};
// Object obj = service.execute("getValue", new JSONArray(param));
// String isUap = "";
// if(null != obj){
// isUap = (String)obj;
// }
//
String excludePath = Constants.excludePath; //登录登陆页面,通过统一认证与直接登录。

// if("TRUE".equals(isUap)){
// excludePath="spservice.jsp";
// }else{
// excludePath="login.jsp";
// }
String includePath = config.getInitParameter("includePath"); //过滤资源后缀参数
//String includePath =Constants.includePath;
String redirectPath = httpRequest.getContextPath()+ config.getInitParameter("redirectPath");
// String redirectPath = httpRequest.getContextPath() + Constants.redirectPath; //没有登陆转向页面

/*if("TRUE".equals(Constants.isUap)){
includePath=includePath+";/dcp";
}*/
String[] excludeList = excludePath.split(";");
String[] includeList = includePath.split(";");

request.setCharacterEncoding("UTF-8");
String userName = request.getParameter("userName");
String sso = request.getParameter("sso");
if("true".equals(sso)){
IUser user1 = SystemConfigDAOFactory.getSmUserDAO().getUserByName(userName);
if(user1 != null){
HttpSession session = httpRequest.getSession();
session.setAttribute("authUser", user1);
String indexJsp = httpRequest.getContextPath()+"/home/index.jsp";//首页url
wrapper.sendRedirect(indexJsp);
return;
}
}

if (!this.isContains(httpRequest.getRequestURI(), includeList)) { //只对指定过滤参数后缀进行过滤
chain.doFilter(request, response);
return;
}

if (this.isContains(httpRequest.getRequestURI(), excludeList)) { //对登录页面不进行过滤
chain.doFilter(request, response);
return;
}

Object user = httpRequest.getSession().getAttribute("authUser");//判断用户是否登录
if (user == null) {
wrapper.sendRedirect(redirectPath);
return;
} else {
chain.doFilter(request, response);
return;
}
}

@Override
public void init(FilterConfig config) throws ServletException {
this.config = config;
}

/**
* 是否包含指定的字符串
* @param urlPath
* @param regx
* @return
*/
public boolean isContains(String urlPath, String[] regx) {
boolean result = false;

for (int i = 0; i < regx.length; i++) {
if (urlPath.indexOf(regx[i]) != -1) {
return true;
}
}
return result;
}

}

 

2.配置相应的web.xml

<filter>
<filter-name>UserSessionFilter</filter-name>
<filter-class>cn.sunline.filter.UserSessionFilter</filter-class>
<init-param>
<param-name>excludePath</param-name>
<param-value>spservice.jsp;login.jsp</param-value>
</init-param>
<init-param>
<param-name>includePath</param-name>
<param-value>/pages</param-value>
</init-param>
<init-param>
<param-name>redirectPath</param-name>
<param-value>/timeout.jsp</param-value>
</init-param>
</filter>

 

页面通过路径可以直接访问到:window.open("http://10.10.66.225:8080/dcp/UserSessionFilter?userName="+prjCd+"&sso="+true);

 

4.Servlet路径直接访问servlet

路径:http://10.10.66.225:8080/dcp/console/CasRMIServlet?userName="+userName

 

访问一个CasRMIServlet 类

public class CasRMIServlet extends HttpServlet 

 

web.xml配置信息

<servlet>
<servlet-name>CasRMIServlet</servlet-name>
<servlet-class>cn.sunline.framework.rmi.CasRMIServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CasRMIServlet</servlet-name>
<url-pattern>/console/CasRMIServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>CasRMIServlet</servlet-name>
<url-pattern>*.stub</url-pattern>
</servlet-mapping>

 

以上是关于关于sso单点登录以及通过路径直接访问Servlet的主要内容,如果未能解决你的问题,请参考以下文章

单点登录系统SSO以及实现技术CAS了解(手记)

单点登录SSO

单点登录SSO

单点登录SSO

SSO-单点登录

SSO单点登录入门